Osmosis v9 Post-Upgrade Downtime Incident - Day 2
Osmosis Official Announcement Tweet
https://twitter.com/osmosiszone/status/1534684186803568640
The following only selects the translation of information that I think is important (it may also be inaccurate
Please see original tweet for full information
While detailed calculation is still in progress, the total amount overdrawn is estimated at around $5M.
The detailed count is still in progress, and the temporary overdrawn amount is estimated to be about five million US dollars
Because the vulnerability itself is 50% more when extracting the flow pool, so it is overdrawn (how to translate this word?
All losses will be covered.
This is happening through a combination of efforts to maximize recovery of exploited funds and a commitment to backstop any unrecovered funds from the developer treasury.
More information on specific recovery plan will be available in the future.
All losses will be compensated, including doing our best to rescue coins transferred from the vulnerability, and using developer treasury
Not sure what part developer treasury refers to, but not the community fund pool
OSMO Token Distribution original text:
https://medium.com/osmosis/osmo-token-distribution-ae27ea2bb4db
A small number of wallets were responsible for the majority of exploited funds, and we are confident that we will have a high recovery rate from these wallets.
Only a small number of wallets involve most of the "illegitimate funds", so there is confidence that the majority of the "illegitimate funds" will be recovered
(There is a follow-up to this paragraph, and I will talk about it later)
While ETAs are highly subject to change, It is estimated this will take at least another 2 days until a new release is made.
The restart is expected to wait at least two more days, and may take more time
Right now efforts are focused on actions to address short-term priorities of recovering exploited funds, fortifying security, and restarting the chain.
As soon as these are resolved, we will turn to share more in-depth analysis of what happened and the learnings that we will commit to.
The team is now focused on recovering "illegal funds", improving security (such as doing tests and finding other bugs, etc.) and preparing for the reopening of the network
More in-depth analysis and future action directions will be released later
One of the "illegal funds" wallets - Validator FireStake
~~The following is only what I see on Twitter, please find all the information on Twitter~~
Validator FireStake | Validator tweeted this
https://twitter.com/stake_fire/status/1534598315441913856
Dear @osmosiszone community, many of you know about the Osmosis LP bug that occurred yesterday.
In disbelief of it being real, two members of @fire_stake
started testing to see if the bug existed, testing grew into a temporary lapse in good judgment, and...
in the process, we managed to convert $226 USD to ~$2M. We were thinking about our family's future, and not the future of our community.
Shortly after doing so, we stressed throughout the night about how we can set things right. We're currently working with the Osmosis team...
to return the funds as soon as possible. We're also working with the Osmosis team to encourage anyone else who took advantage of this situation to please come forward and return funds.
You're welcome to come to us, and we can help act as a liaison. We need to make this right.
FireStake claims
Two members of FireStake wanted to test this vulnerability, and swiped from 226USD to ~2 million USD
Will now work with Osmosis to return "illegal funds"
then this tweet
https://twitter.com/stake_fire/status/1534662023878848512
Hi all, we've heard your feedback. We plan to exit operations in one of two ways:
1) Transition our nodes to trusted providers via key exchange
2) Start the unbonding process
We will update once the plan is finalized.
We hear from you and are ready to step down as a validator by one of the following
1) Transfer nodes to others
2) Start the unlocking procedure
And then (this is what I just saw)
(not a tweet from that validator)
https://twitter.com/MarcinMikus/status/1534826442420277248
So @stake_fire is into bs that they going to move ownership to other validator (located in same country with same connections). Changing name is not same as changing validator essentially.
Look whos here too! They sif Dao guy!
Don't touch it with a stick.
FireStake claims to transfer nodes to https://twitter.com/Kadabra_Moon
A Twitter account with no history
Basically just change the name
(Because this happened recently, I have a greater chance of making mistakes / information is behind, please pay attention to the latest situation on Twitter and see the original tweet)
Are there too many peanuts lately OwO?
Article cover from https://frontier.osmosis.zone/
Like my work? Don't forget to support and clap, let me know that you are with me on the road of creation. Keep this enthusiasm together!
- Author
- More